From unknown Thu Mar 28 21:13:01 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#777: nx-libs: incorrect usage of scanf Reply-To: Heinrich Schuchardt , 777@bugs.x2go.org Resent-From: Heinrich Schuchardt Resent-To: x2go-dev@lists.x2go.org Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Fri, 30 Jan 2015 19:40:01 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: report 777 X-X2Go-PR-Package: nx-libs X-X2Go-PR-Keywords: Received: via spool by submit@bugs.x2go.org id=B.14226465565953 (code B); Fri, 30 Jan 2015 19:40:01 +0000 Received: (at submit) by bugs.x2go.org; 30 Jan 2015 19:35:56 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=BAYES_40,FREEMAIL_FROM autolearn=ham version=3.3.2 Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 5DD0C3BC8A for ; Fri, 30 Jan 2015 20:35:55 +0100 (CET) Received: from [192.168.123.39] ([178.201.93.16]) by mail.gmx.com (mrgmx102) with ESMTPSA (Nemesis) id 0MaE4a-1XxP3T0IOm-00JoiI for ; Fri, 30 Jan 2015 20:35:55 +0100 Message-ID: <54CBDD19.8090103@gmx.de> Date: Fri, 30 Jan 2015 20:35:53 +0100 From: Heinrich Schuchardt User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.3.0 MIME-Version: 1.0 To: submit@bugs.x2go.org Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:LBguQCVpS36vYsS5CVcFmYe4tyBsvIMCWaV5SEWlwYE+LjeXeCv LdSldVgTH1vsqCs+XSLmHSibjRgIaGNNmwdbHTSvylsRNj6de3SJTRcXlceOKRBlJgG5mS4 q5rMtN/paHUhgb/RBh7+R72MvbwNpiRzJbM4Ujr8CKHllXED7SYgNdDCeGUCo6lzcrwGvc+ 8Y81VE/IYRZRgFJQTCsZA== X-UI-Out-Filterresults: notjunk:1; package: nx-libs version: head In different parts of the nx-libs library you can find usages of scanf like /* check for MESA_GAMMA environment variable */ gamma = _mesa_getenv("MESA_GAMMA"); if (gamma) { v->RedGamma = v->GreenGamma = v->BlueGamma = 0.0; sscanf( gamma, "%f %f %f", &v->RedGamma, &v->GreenGamma, &v->BlueGamma ); According to cppcheck: scanf without field width limits can crash with huge input data on libc versions older than 2.13-25. Add a field width specifier to fix this problem: %i => %3i Best regards Heinrich Schuchardt